Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp5904120pxu; Wed, 23 Dec 2020 08:13:44 -0800 (PST) X-Google-Smtp-Source: ABdhPJzYUhbkGIhcNrZqXIyxz5BOc66W5VuRzGXsLxvlTSdDwVTlMbFQX4xJjl3iOxZ25HMDxTm4 X-Received: by 2002:a17:906:144e:: with SMTP id q14mr24206345ejc.150.1608740023763; Wed, 23 Dec 2020 08:13:43 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1608740023; cv=none; d=google.com; s=arc-20160816; b=b0S1G7f4v75xdJWX5+Son/38tKosq0Tg51AZbUUI6WJS6LPDbL3LKsQmnu57wUex9f ldGBBzgUcdhuG6L/2nFdqm1vs+WpKHplGGIX8n8zR/kjUkZd8xQZuDs7bILOZgQcgjhh K6a395jISWe0FgUBPY674afWVKbfrP+oht18Xg74LylrYAUGlgX1fh+vX6daAaeI1fBo sOdHdIdWSBwsJoYqhM4iIJZZzwCimkYaHRY/6yYd7pKYawxrpEZQtmBmcYkx8lKWJeLE aS/dBkcBpRaFnp5nubLDeSOPfrstF9Lq6Xhyxhs0oJGM2XWDR8TUSPTXfKy2qa/iWYId dv3Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=Tbsk0TEZwGK1foU3V0QADX+u1GzizmvdwR6aQuzIVps=; b=P84ZVBpOZW/9MT6tj34WSAaJh4lvapwCtVe6dh3yNBIKB1Nxu485hYpYU5FiJ7kFWI XDSLyz2h/O3wAqHhQQzcQP/roFFKCYmZzl6pAn4sfHHH3L4v7upZKMN9u23pUxEoCyIC be8piOceZfbc1MqRMhFFx6g5ErXIHr4wL1WjSbGi5N7Bix5lAaEXq4eEH79EWnM17StY CDf2CDZEmcgOnwJ7zLmBi+IBuuWdVOq88/8sDcxG/ondH6GDnAYv8WBHUAuwiDDClXUH DTQCOp/PIf2JWvuJlDaC5vIdbgL8xSkmDOaR0B2IPfHJwLJBsR7LQm3NxwuUqf/l1FGO /XgA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=mail header.b="On/eTEgP"; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b6si16409737edu.567.2020.12.23.08.13.24; Wed, 23 Dec 2020 08:13:43 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=mail header.b="On/eTEgP"; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726047AbgLWQNX (ORCPT + 99 others); Wed, 23 Dec 2020 11:13:23 -0500 Received: from mail.zx2c4.com ([192.95.5.64]:43381 "EHLO mail.zx2c4.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725957AbgLWQNX (ORCPT ); Wed, 23 Dec 2020 11:13:23 -0500 Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTP id 3f69d1df; Wed, 23 Dec 2020 16:04:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=zx2c4.com; h=mime-version :references:in-reply-to:from:date:message-id:subject:to:cc :content-type; s=mail; bh=23j/ro/omc+K4mkuzhNgYX2FZxM=; b=On/eTE gPYJkYIs2BR/TqifUzqYEOfJwbLiyGYyr7xqE+nL5nuLFIGZ5Q/iP6IiNoYgr6JC GXfdxMRa3ZpzwFDQQG667xD3DqKS2KMMT8WOebkeU/iU/xuo3iZgdi5VXZESwXmu fxqk2CeDJKwmYfi3nXHnWpvFvf/gxf4w9zmJWCzSB4xGfyZwKHkR6+Qqta1ZW+Fw C//zU+TE5FyRGt3LUtIxH+9YF+X0k1HdqLMrK033YbUpySdh9a/vykTDT8F6bcfB bqfUXcu/OjhuGJ4p0MXKpdXHXIeAp2vHbZvATPImMSw1hYd9xiro6QcsYPjtvBA6 LmOxDHoUBdmdFj0w== Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 2312aa93 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); Wed, 23 Dec 2020 16:04:06 +0000 (UTC) Received: by mail-yb1-f178.google.com with SMTP id v67so30855ybi.1; Wed, 23 Dec 2020 08:12:38 -0800 (PST) X-Gm-Message-State: AOAM532DKmS7rL6jrRnvcv08eabGbDGSYPjz3oPXjos8BymlQC7GzbEP OD78+EQJkdiaeSMXqFZ+GKSlwuR8wfWOSz5r1bU= X-Received: by 2002:a5b:78d:: with SMTP id b13mr36642356ybq.123.1608739957120; Wed, 23 Dec 2020 08:12:37 -0800 (PST) MIME-Version: 1.0 References: <20201130151231.GA24862@lst.de> <20201130165339.GE5364@mit.edu> <20201218132519.kj3nz7swsx7vvlr5@valinor.lan> <20201223132851.55d19271@blackhole.lan> <20201223151014.57caf98b@ezekiel.suse.cz> <20201223170057.7c8fd710@ezekiel.suse.cz> In-Reply-To: From: "Jason A. Donenfeld" Date: Wed, 23 Dec 2020 17:12:26 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: drivers/char/random.c needs a (new) maintainer To: Petr Tesarik Cc: Torsten Duwe , Marcelo Henrique Cerri , "Theodore Y. Ts'o" , Linus Torvalds , =?UTF-8?Q?Stephan_M=C3=BCller?= , Willy Tarreau , Linux Crypto Mailing List , Nicolai Stange , LKML , Arnd Bergmann , "Eric W. Biederman" , "Alexander E. Patrakov" , "Ahmed S. Darwish" , Matthew Garrett , Vito Caputo , Andreas Dilger , Jan Kara , Ray Strode , William Jon McCann , zhangjs , Andy Lutomirski , Florian Weimer , Lennart Poettering , Peter Matthias , Neil Horman , Randy Dunlap , Julia Lawall , Dan Carpenter , And y Lavr , Eric Biggers , Ard Biesheuvel , simo@redhat.com Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Wed, Dec 23, 2020 at 5:03 PM Jason A. Donenfeld wrote: > > Hi Peter, > > On Wed, Dec 23, 2020 at 5:01 PM Petr Tesarik wrote: > > I never suggested that this should serve as a supportive argument. I was just trying to be honest about our motivations. > > > > I'm a bit sad that this discussion has quickly gone back to the choice of algorithms and how they can be implemented. > > Why are you sad? You are interested in FIPS. FIPS indicates a certain > set of algorithms. The ones most suitable to the task seem like they'd > run into real practical problems in the kernel's RNG. > > That's not the _only_ reason I'm not keen on FIPS, but it does seem > like a very basic one. > > Jason And just to add to that: in working through Nicholai's patches (an ongoing process), I'm reminded of his admonishment in the 00 cover letter that at some point chacha20 will have to be replaced, due to FIPS. So it seems like that's very much on the table. I brought it up here as an example ("For example, " is how I began that sentence), but it is a concern. If you want to make lots of changes for cryptographic or technical reasons, that seems like a decent way to engage. But if the motivation for each of these is the bean counting, then again, I'm pretty wary of churn for nothing. And if that bean counting will eventually lead us into bad corners, like the concerns I brought up about FPU usage in the kernel, then I'm even more hesitant. However, I think there may be good arguments to be made that some of Nicholai's patches stand on their own, without the FIPS motivation. And that's the set of arguments that are compelling. Jason